from rest_framework import permissions

class IsAdmin(permissions.BasePermission):
    """仅超级管理员可访问"""
    def has_permission(self, request, view):
        return request.user.is_authenticated and request.user.role == 'admin'

class IsReviewerOrAdmin(permissions.BasePermission):
    """审核员或管理员可访问"""
    def has_permission(self, request, view):
        if not request.user.is_authenticated:
            return False
        return request.user.role in ['reviewer', 'admin']